2012-08-25

Friends as you must have seen the Sam's NAS project powerd by Unraid was been initiated by me a year ago (24 Aug 2012), and

guess I got a lukewarm response to it as well. Nonetheless I thank you all for the support you all have shown towards the

thread.

We ended it with Part one on board i.e

*1. Introduction and Comparison.*

It gives me great pleasure to announce the second part of the series ....

*2. Quintessential Features of NAS*

Please do show your equal support with comments and suggestions...

Since the features I am going to discuses here are also quite inherently knitted with how secure the access should be. I

will include the third part as well with this one and discuses how we can also make the access secure from out side.

@@@@@@@@@@ - *PART 2 :: Quintessential Features of NAS*- @@@@@@@@@@

A brief look in the past ......

As you must be knowing (at least the ones who tool interest in this project) that I have been running my NAS on UNRAID NAS

OS baised on linux. It been one full year now I have been running it and this provides me enough confidence to safely

conclude that UNRAID out of the box is one of the most robust and stable NAS OS out there. I cannot even remember how many

times UNRAID was killed abruptly coz of either some testing or power breakage (initially when I did not have the Online

UPS), but it has been up and running always without fail with no error or issue what so ever.

It been a pleasure using it for the last one year.

Image: http://img194.imageshack.us/img194/5107/tower2a.jpg

In this part 2 of the project we will discuses few quitessentials featurs of a NAS, that most of us would love to add.

*1. Ftp access to your server (sftp for secure access)
2. VPN access (also covered under security)
3. Configuring telnet by using Putty
4. Dynamic IP resolution : So that internal resources can be accessed from outside.
5. Enabling SSH
*

These features will help a user to use his NAS as .....

*1. A File server
2. A Web Server ( You might want to host a site on your own server ..:), or run other services on it that require a HTTP portal to run (More on this later)
3. Access Shares across internet securely
4. Create a Music Server, which also can be accessed from internet and also from an Android Phone
*

***********THE PREREQUISITE***********

Before we move on to configuring all this, there are few things, basic concepts that every ones needs to know (few would

already know, but I am talking about those who dont). Based on these concepts we need to get few prerequisites done before

we can have access to our NAS from internet.

Also since I own a Linksys E2000 Router and an Airtel Broadband connection with Beetal 440BXi ADSL modem, my guide would be

based on these hardware only, but the concept remains the same, so the same can be achieved on your hardware as well. Its

just a matter of looking hard and referring the manual for your device.

*Understanding ADSL*

ADSL stands for asymmetric digital subscriber line. Asymmetric means that the bandwidth varies, and one of the major draw

backs of ADSL is that the downstream is much higher than the upstream, somewhere in the ratio is 1:3 or 1:4. What this

means is that the download speed is much faster than the upload. With a ratio of say 1:4 an example would be that if your

download speed is 4 mbps you upload will is 1 mbps.

*ADSL Modem as a Router*

ADSL Modems comes in various variants, Some are purely Modems and some have a basic functionality of a Router as well in

them. Airtel 440BXi is one on them. Now if you have the Modem/Router directly connected to your PC, configurations would change, and if you have modem connected to your Router thing might get a bit complected if you want to access your LAN from out side.Before moving ahead let me share the model I have at my house....

*
Airtel BroadBand DSL ===> Airel 440BXi Modem ===> Linksys E2000 Router --

-----> To

My 2 Desktops via cat 6
My Laptop and Mobiles via Wifi n*

*Access from the out side world.*

Two issues needs to be addressed for this ........

*1. The dialing up .... PPPoE on your Modem*

Airtel's and most of the ISPs out there uses Point-to-Point Protocol over Ethernet (PPPoE) to let the end user connect with them. PPPoE dials from one machine to another over an Ethernet network, establish a point to point connection between them and then securely transport data packets over the connection. Reason more secure and to an extent reliable as well. The dialing happens at the Modem's ends and is spontaneous, giving an impression to the user as an always on connection.

*2. DHCP Issue.*

Since the modem is also acting as a Router, it also has its own DHCP, and as its connected to another router (wifi), we end up have 2 DHCPs. This creates issue for the port forwarding at the router, which is an essential step to get access from the outside would.

*Resolution*

Resolution to both of this to "*enable full bridge mode on the modem*" which would pass the line stight to the router and your router does the PPPoE dialing.

If by any chance you router does not have PPPoE mode, you can create a dial up connection on your windows as well and do the dialing.

*Enable Bridge mode on 440BXi*

Enabling Bridge mode on 440BXi is very simple .......

Go to you admin page by typing the address : *192.168.1.1* or , if this does not work ask your ISP to provide the ip to access your DSL Modem.
Under the advance setup on the left side, click on *WAN*. Thats where you will find the *PPPoE with status Enabled*.

Check out the snap below

Image: http://i50.tinypic.com/4v304p.jpg

*Click edit
Click Next .. No change here
Next
You would see Connection type
uncheck "PPP/PPPoE\"
select "Bridged"
Rest of the settings same
SAVE and reboot *

*You will loose your connection here ........ Which will come back when we set up Router for PPPoE*

*Set up Router for PPPoE*

*Precaution :: * You will need to know, the User name and password for you DSL connection and if you do not know, you have to contact your ISP for that. Go to your router admin page by typing 192.168.0.1 or 192.168.1.0 , depending on the DHCP. For E2000 its 0.1. On the Router page navigate to
*SETUP ==> Basic Setup* and change internet connection type to "PPPoE" . Put the user name and password for your connection. (Get this from your ISP), put the optional connection name and redial period of 30 seconds

Refer the snap below ....

Image: http://i45.tinypic.com/11c75ut.jpg

Save the settings and reboot the Router as well.

If all goes well you will have your net connection back and now you have one DHCP working and Router doing the dialing over PPPoE.

Now we can use the port forwarding to have access of your internal network over internet.

***********Enabling (s)FTP on UNRAID***********

Enabling FTP is no big deal on Unraid, coz its already enabled on it ...:D
How ever its not secure. FTP as you all must know is a file transfer protocol to transfer files over TCP network. But the thing with ftp is whenever a user opens up a regular ftp session or most other TCP/IP connections, the entire transmission made between the host and the user is sent in plain text.Anyone who has the ability to snoop on the network packets can read the data.

To make it secure we have to use *ftp over SSH (Secure Shell),* SSH is shell services or command execution between two networked computers that it connects via a secure channel. and ftp over ssh is called SFTP

To use UNRAID over sftp we just need to install SSH. and for that you need to go to your UNRAID console by typing >:8080.
Go to *"Package Manager"* and search for *"OpenSSH"* (do a ctrl f for finding). Select OpenSSH and install it.

Thats it. Make sure you select "Enable Re-install on boot"

Image: http://i49.tinypic.com/2hoh3pf.jpg

*Transfer files using sftp*

My recommended, fav and most used application for ftp is *Filezilla*.
Download install and open. At the top put your UNRAID ip and port 22 and you will be connected.

NOTE :: This is within your LAN we are talking about. We still have not discussed access from outside. We will do that in the end.

***********Confguring Telnet using PUTTY***********

PuTTY is a free and open source terminal emulator application which can act as a client for the SSH, Telnet, rlogin, and raw TCP computing protocols and as a serial console client .... ......................source Wiki

As you must all know, UNRAID is a headless OS, meaning you dont need Keyboard and mouse to manage it as such. But one might still want to go to the OS command prompt to perform some activities (we would use this a lot later), puTTy is the ans.
Download putty from *HERE* (http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html)

Interface is pretty simple, open putty put the IP and port 22 for SSH. Make sure the ssh is installed on your machine ......... once done the application will ask to install the key (only for the first time and then you will be logged on

.....

Image: http://i45.tinypic.com/14oao7o.jpg

Image: http://i50.tinypic.com/2uzrw5z.jpg

*********** Configuring VPN access***********

VPN is all must know stands for Virtual Private Network. Why do we need VPN and what exactly VPN does ..???

In layman Terms ...

A Virtual Private Network (VPN) is a network technology that creates a secure network connection over a public network such as the Internet or a private network owned by a service provider.

The VPN uses "virtual" connections routed through the Internet from the a private network to the remote site or end user.

Advantage :: Its secure as no can can intercept the tunnel (virtual network), and is the most reliable way at present to connect between networks over internet.

*When accessing your NAS from out side its always advisable to connect via VPN as no port fw is required and all traffic is secure.*

There are loads of VPN solutions available. Dedicated and third party. example of dedicated VPN can be Open VPN (available for both windows and Linux).
And one of the top third party VPN available for open public is Himachi. Which provides VPN connection via their pretty comprehensive tool called *"LogMeIn"*

I have tried both OpenVPN and LogMeIn. Both are good in their own way, but OpenVPN is darn complicated to configure and setup. LogMeIn ofcourse coz of third party is pretty simple and very effective VPN solution.

*Himachi LogMeIn*

Hamichi LogMeIn is a quite nifty feature rich service provided by Himachi for a secure and fast VPN access. Its not that difficult to setup on Linux (UNRAID here), but on windows its a piece of a cake. Here I will show you the step by step guide of how to set up a LogMeIn VPN connection for UNRAID.

Its a two part process, first we have to install the LogMeIn server on UNRAID, and then we install the client on the windows machine from which we want the VPN connect to exists. Once done you can access your NAS shares from that machine easily and securly. Before we go ahead please make sure that you have an account with LogMeIn. Create it

*HERE* (https://secure.logmein.com/)

Once you have created the account you have to create a Network of yourself, so that you or any one you want can join your network via VPN from outside (Internet). With a free account max of 5 people can join your network including you. Your network would contain one HUB (which would be your NAS - UNRAID) and as I said max of 5 clients including you who can connect to your HUB via VPN connection and access your shares.

To create a network log in to LogMeIn. Click on Network on the left panal and click on My networks. You would not see any netwrok created there as yet. refer my screen shot. I have a network created.

Image: http://i47.tinypic.com/99fkoy.jpg

Then click to ADD Network and put in the required fields like name of the network. For network type choose *HUB and SPOKE*. This means all the computers on the network with connect with one HUB (UNRAID) and not amount themselves. I have not tried Mesh but it seems Mesh means people will connect amount themselves.

Image: http://i47.tinypic.com/2uyrk3m.jpg

Once that is done you can see your network with still nothing in it.
Click on EDIT in front of your network name, *note down the network ID*.

Image: http://i46.tinypic.com/348q5ad.jpg

Then click on settings and select ......."*Must Be approved*" under
Join Requests.

Finally go to Passwords and put a check on "*A password is required to join this network" *and put a password under it.

************************

Work here for now is done and we shall go to UNRAID now to install the HUB server.

*Step 1 : Download PERL from Unraid package manager and install *

Image: http://i46.tinypic.com/nnpjwm.jpg

You go to package manager by typing >:8080

*STEP 2 : Once that is done download Hamachi server for Linux from below *...

*_http://gfjardim.googlecode.com/files/hamachi-2.0.1.15-i686-unRAID.tgz_*

*STEP 3 : placed the new hamachi-2.0.1.15-i686-unRAID.tgz in the packages folder*

packages folder is on the flash drive where unraid is install.

*STEP 4 : Go to >:8080 page click on "Config/View/Edit". Click on the drop down menu for "Select a Config/System File to view" and select Boot/Config/go. You would see the details of the GO file below. Now click on EDIT and add the line* installpkg /boot/packages/hamachi-2.0.1.15-i686-unRAID.tgz* at the bottom
Save the file.*

Image: http://i47.tinypic.com/307nuc9.jpg

Image: http://i49.tinypic.com/zlx4e1.jpg

*STEP 5 : Now open PUTTY (Hope you remember putty that I explained earlier) Log in to putty and navigate to cd /boot/packages.
*

Image: http://i49.tinypic.com/f1hcnr.jpg

*STEP 6 : Type _installpkg /boot/packages/hamachi-2.0.1.15-i686-unRAID.tgz_*

This will install Hamachi server HUB on UNraid.

*STEP 7 : Now type CD\ and enter and enter again, this would bring you back to the root prompt.*

*STEP 8 type : hamachi login
STEP 9 : hamachi set-nick
.....choose any nick name preferably Unraid Server
STEP 10 : hamachi attach
....... put your LogMeIn user ID (which is your a mail ID that you have used to register on LogMeIn)*

Thats it. HUB is installed. Now we install client on any windows machine that has access to internet.

download client from .....

https://rapidshare.com/files/1209176977/Hamachi.msi

Install it on your Windows machine ...open it click on network and click join network ... you will need the network ID for your netwrok. Which you already must have noted in the previous steps.

Put the network ID, it will ask you to put the credentials ... (The same that you defined while creating the network. When this is done you still need to approve it ....

Go to https://secure.logmein.com/

Log in with your credentials, click on EDIT in front of your network name, click on Join Request and you should see the name of your computer from which you sent the request. Accept it and exit.

Go to you windows machine, open Himachi and you should be able to see your NAS listed under your network ..

Image: http://i45.tinypic.com/dqrlmw.jpg

Now right click on your NAS name click browse and you should be able to view your shares now .... :).

Image: http://i49.tinypic.com/29pvwyd.jpg

In a similar manner you can add 5 clients from which you can access your UNRAID on VPN from anywhere around the world as long as you have internet.

*********** Unraid as Music Server using SqueezeBox***********

Listining music via your own music server .......believe it or not is damm satisfying, as you have your own full collection at your disposal anytime anywhere across the world, and with Android its even available on the go while travelling (just need 3G)

Here I am gonna show how you can install SB server in unraid so that it can act as a Music server giving you access to your music via web interface.

*STEP 1.*

Go to the below link ....

Squeezebox Software Beta Downloads - Version 7.8 (http://downloads.slimdevices.com/nightly/index.php?ver=7.8)

and download .......

Logitech Media Server: Unix Tarball (for Perl 5.8-5.14, Darwin, i386, x86_64, i386 FreeBSD, ARM EABI, PowerPC)

File name is ...

*logitechmediaserver-7.8.0-1343433580.tgz*

The file actually is a *.gz* file but is names there as *tgz.* dont worry just keep following the steps .....

For your windows machine you can also download SqueezePlay from the same link. OR you can also use winamp to stream music via SB server.

*STEP 2:*

copy your logitechmediaserver-7.8.0-1343433580.tgz(Logitech Media Server: Unix Tarball) on your *disk1*. Not the packages folder, but disk1, where you will also have your shares ....

*STEP 3:* Install PEARL to unraid, for that access your Unmenu page by going to URL ..

*:8080* i.e something like 192.168.10.100:8080

then click on Package Manager ......... on package manager fine PERL (do a ctrl f)

Image: http://img211.imageshack.us/img211/6011/unmenueperl.jpg

Click on select PERL 5.10 and then click on install and enable "rerun on reboot" ............... close the page

*STEP 4:* ..... Telnet into Tower using PUTTY ,, (remember I told you putty would be used enough) ... and navigate to your disk1 by typing the below command ..

*# cd /mnt/disk1/*

then so a ls -l so see if your file *logitechmediaserver-7.8.0-1343433580.tgz* is there...

Image: http://img96.imageshack.us/img96/5600/puttyaccesssbs.jpg

*STEP 5:*

now keep typing the following steps exactly the way I am typing here ....EXACTLY ...

root@SamTower:/mnt/disk1#tar -xf squeezeboxserver-7.5.6-32834.gz
root@SamTower:/mnt/disk1#mv squeezeboxserver-7.5.6-32834/ slimserver/

root@SamTower:/mnt/disk1#chmod -R 777 slimserver
root@SamTower:/mnt/disk1#chmod -R 777 Audio\ Media

*(what ever is the name of your music directory), if you see the above putty black screen shot you can see my music share is named *Audio\ Media/* you need to put your music share name exactly the way it is ....*

root@SamTower:/mnt/disk1#echo >> /etc/passwd
root@SamTower:/mnt/disk1#echo slimserver:$1$oExleBv6$Ux2qBpAanWMqJqUeH2xqp1:1000:100:,,,:/home/slimserver:/bin/bash >> /etc/passwd

*The above sentence is IMP, make sure you type (better copy past it exactly the way its shown above*

root@SamTower:/mnt/disk1#chown -R slimserver.users .

[b] not in the above commane there is a space and a dot at the end

root@SamTower:/mnt/disk1#cd slimserver
root@SamTower:/mnt/disk1#chmod -R 775 Cache
root@SamTower:/mnt/disk1#perl slimserver.pl --daemon --user slimserver

Thats it your server is up and running on Unraid.

*STEP 6* To access it open your browser and type ...

>:9000 i.e 192.168.10.100:9000 and if all is well you should see the media server page loaded .......

*STEP 7*

You would be presented with a list of long directories. What you should be looking for is the */mnt directory*, which should have disk1 and disk2. From there on you can navigate to your music folder.
Select the music folder. click next then choose a playlist folder. Click next, next and finish. Finally you would be presented with the home screen, with number of options under "My Music". *Your collection would be under "Music Folder"*

*STEP 8* ...... Last step imp ..... now though you can browse your music via SBS server, you cannot actually use the same server page to play it, for that you need squeeseplay that you must have dl above or you can use winamp ......

I will guide you with winamp ..... once winamp is up and running ...... click on file .... play URL and put the following URL in it ..

http://>:9000/stream.mp3 ......... for example .....

*http://192.168.0.100:9000/stream.mp3*

Your winamp will give a msg that its connected ...

Image: http://img89.imageshack.us/img89/4032/winampl.jpg

Once that is done go to you SBS server page. On the top right hand corner you will see a drop down arrow, click on it and you should see your winamp listed there with the IP address of you client machine .....

Image: http://img89.imageshack.us/img89/1937/sbsui.jpg

select it and then start adding songs in to the playlist from the right side panel. Finally when all the songs are added, select one and press play on the top player in the same right panel ........ immediately also press play on your winamp player .......... if all goes well you should hear the song from your speakers ......:):)

Image: http://img853.imageshack.us/img853/6931/winamp2.jpg

**********************************

You have now .......

*1. created an FTP access
2. created a VPN access
3. created a music server .......
*
But all this is still inside your LAN, apart from ofcourse VPN access. But you still have not got access to your Music Collection from out side i.e internet ........ in the next tutorial we will discuses how to access your music from *internet and best of all via your Android Phone running 3g :D*

*Thank you all for reading my tut on Part II of sam9s NAS project* ....:):):)

*STAY PUT for coming tutorials ........:)*

*Regards
Sammy*

Show more